General

  • Target

    308-101-0x0000000002450000-0x0000000002494000-memory.dmp

  • Size

    272KB

  • Sample

    230215-ecrpkahe5s

  • MD5

    76b1e33f95c2033293d086f4a5cf53ba

  • SHA1

    a5eaa2b37d960f5854cbfd42cb6692d47be12706

  • SHA256

    8be48c851e17bda8489b850d28718aab5d3f2657cec1f125ccb174e09f5cc610

  • SHA512

    aded848ad678fa4223df926c2a167a6ba93af4809c6362cc6ef70d73e9ece4e5d0fd033ef1cf9e196ff96642518137815675f6b20969f7ae27f9e76411f18d1a

  • SSDEEP

    3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wir:B6jodYx9cYKpzwAAh3nz7u

Malware Config

Extracted

Family

redline

Botnet

ruma

C2

193.233.20.13:4136

Attributes

  • auth_value

    647d00dfaba082a4a30f383bca5d1a2a
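
The figures above can be cross-checked before they are copied into a blocklist or a ticket. The following Python is an added example, not tria.ge tooling or RedLine code: it parses the dump name, confirms that the dumped address range accounts for the reported 272KB, checks that each digest has the length and alphabet of its algorithm, validates the SSDEEP block size, and turns the C2 endpoint into a Suricata rule. It assumes that the dump name follows the pattern <id>-<id>-<start>-<end>-memory.dmp with start and end as virtual addresses of the dumped region, that the reported size is in KiB, and that $HOME_NET and the sid value 1000001 are placeholders the reader replaces with local values.

```python
"""Consistency checks over the indicators reported for the RedLine memory dump.

Added example (not tria.ge code). All constants below are copied from the
report; the dump-name layout, the KiB unit and the Suricata placeholders are
assumptions, not facts stated by the page.
"""
import re

DUMP_NAME = "308-101-0x0000000002450000-0x0000000002494000-memory.dmp"
REPORTED_SIZE_KB = 272  # assumed to be KiB (1024-byte units)
HASHES = {
    "md5": "76b1e33f95c2033293d086f4a5cf53ba",
    "sha1": "a5eaa2b37d960f5854cbfd42cb6692d47be12706",
    "sha256": "8be48c851e17bda8489b850d28718aab5d3f2657cec1f125ccb174e09f5cc610",
    "sha512": "aded848ad678fa4223df926c2a167a6ba93af4809c6362cc6ef70d73e9ece4e5d"
              "0fd033ef1cf9e196ff96642518137815675f6b20969f7ae27f9e76411f18d1a",
}
SSDEEP = ("3072:B6jIELf6FDTCLkYxJw6qxYgcgpiiSo40jm8dAhTrnz5XD1NxNn2pU9f2MKTV/wir"
          ":B6jodYx9cYKpzwAAh3nz7u")
C2 = "193.233.20.13:4136"

# Assumed layout: <id>-<id>-<start>-<end>-memory.dmp (start/end are hex VAs).
DUMP_RE = re.compile(r"^(\d+)-(\d+)-(0x[0-9a-fA-F]+)-(0x[0-9a-fA-F]+)-memory\.dmp$")
DIGEST_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def region_size(dump_name: str) -> int:
    """Byte length of the dumped region, taken from the address range in the name."""
    m = DUMP_RE.match(dump_name)
    if not m:
        raise ValueError(f"unexpected dump name: {dump_name}")
    start, end = int(m.group(3), 16), int(m.group(4), 16)
    if end <= start:
        raise ValueError("end address must lie above start address")
    return end - start


def size_matches(dump_name: str, reported_kb: int) -> bool:
    """True when the address range accounts exactly for the reported size."""
    return region_size(dump_name) == reported_kb * 1024


def well_formed_hashes(hashes: dict) -> bool:
    """Each digest must be lowercase hex of the length its algorithm produces."""
    return all(
        len(h) == DIGEST_LEN[algo] and re.fullmatch(r"[0-9a-f]+", h) is not None
        for algo, h in hashes.items()
    )


def parse_ssdeep(sig: str) -> tuple[int, str, str]:
    """Split blocksize:hash1:hash2; ssdeep block sizes are always 3 * 2**n."""
    block, h1, h2 = sig.split(":", 2)
    block = int(block)
    base = block // 3
    if block % 3 or base == 0 or base & (base - 1):
        raise ValueError(f"invalid ssdeep block size {block}")
    return block, h1, h2


def parse_c2(c2: str) -> tuple[str, int]:
    """Split host:port and range-check the port."""
    host, port = c2.rsplit(":", 1)
    port = int(port)
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {port}")
    return host, port


def suricata_rule(c2: str, sid: int) -> str:
    """Alert on an established outbound TCP connection to the reported C2 endpoint."""
    host, port = parse_c2(c2)
    return (
        f"alert tcp $HOME_NET any -> {host} {port} "
        f'(msg:"RedLine C2 (botnet ruma) outbound"; flow:to_server,established; '
        f"sid:{sid}; rev:1;)"
    )


if __name__ == "__main__":
    print("region bytes:", region_size(DUMP_NAME), "matches size:", size_matches(DUMP_NAME, REPORTED_SIZE_KB))
    print("hashes well-formed:", well_formed_hashes(HASHES))
    print("ssdeep block size:", parse_ssdeep(SSDEEP)[0])
    print(suricata_rule(C2, 1000001))  # sid 1000001 is a placeholder
```

The address range 0x2450000 to 0x2494000 spans 0x44000 bytes, which is exactly 272 KiB, so the dump name and the reported size agree. The rule is only as durable as the C2 address: RedLine operators rotate endpoints, so treat the IP and port as a point-in-time indicator and pair it with the auth_value and botnet name when hunting in captured traffic or other dumps.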

Targets

    • Target

      308-101-0x0000000002450000-0x0000000002494000-memory.dmp

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C# (.NET), first observed in early 2020 and sold as a subscription service. It harvests saved browser credentials, cookies and autofill data as well as cryptocurrency wallet files and sends them to an operator-controlled C2 server. The configuration shown above (C2 endpoint, botnet name and auth_value) was recovered from this dumped memory region rather than from a file on disk.

    • RedLine payload
